setTrustedProxies([]); # сбрасываем состояние между запросами $trusted = config::get('request.trusted.proxies'); if (is_null($trusted) || $trusted === '') { return $next($request); } if (is_string($trusted)) { if ($trusted === '*') { $trusted = [ $request->remoteAddress(false, false) # текущий IP ]; } else { $trusted = array_map('trim', explode(',', $trusted)); } } if (is_array($trusted)) { $request->setTrustedProxies( $this->mixinCloudFlareIps($trusted) ); } return $next($request); } public function mixinCloudFlareIps(array $trusted, $force = false) { $key = array_search('cloudflare', $trusted, true); if ($key !== false) { unset($trusted[$key]); $force = true; } if ($force) { $trusted = array_merge($this->loadCloudFlareIps(), $trusted); } return $trusted; } public function loadCloudFlareIps($v6 = false) { $return = []; do { $cacheKey = 'trusted.proxies.cloudflare'; if (Cache::has($cacheKey)) { $return = Cache::get($cacheKey); break; } $ch = curl_init('https://www.cloudflare.com/ips-v' . ($v6 ? '6' : '4')); curl_setopt($ch, CURLOPT_FAILONERROR, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); if ($result === false) { curl_close($ch); break; } $code = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($code !== 200) { break; } curl_close($ch); $return = array_map('trim', explode(PHP_EOL, $result)); if (! empty($return)) { Cache::add($cacheKey, $return, 172800); // 2 days } } while (false); if (! is_array($return)) { return []; } return $return; } }